From the course: Security Onion

Tcpreplay, part 2

- All right, so let's get started with our demo of replaying traffic onto a standalone server with Tcpreplay. So the website that we are grabbing our pcap from is malware-traffic-analysis.net. This one was released on 2019-05-02. And the name of this exercise is BeguileSoft, which is the fictional company that this occurred at. So we have our pcap here. If we scroll down, we have a quick screen capture of Wireshark and we have a scenario. So looking at this pcap, what they have tasked us to do is find out this information right here. So we have our executive summary: on 2019-05-02 at such and such time, a Windows host used by such and such person was infected with what? Then we want to know the details of the infected host and some of the indicators of compromise, and the information that we're given is up here in the scenario. So we know the LAN segment range, the domain, domain controller, gateway and broadcast address. So let's get started with this, and we will be…
